Vulnerabilities > CVE-2005-4502 - Multiple vulnerability in Net-Square Httprint 202
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in httprint v202, and possibly other versions before v301, allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response, which is not sanitized before being displayed to the user.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | httprint 202.0 HTTP Response Server Field Arbitrary Script Injection. CVE-2005-4502. Remote exploits for multiple platform |
id | EDB-ID:26966 |
last seen | 2016-02-03 |
modified | 2005-12-22 |
published | 2005-12-22 |
reporter | Mariano Nunez Di Croce |
source | https://www.exploit-db.com/download/26966/ |
title | httprint 202.0 HTTP Response Server Field Arbitrary Script Injection |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040532.html
- http://net-square.com/httprint/#history
- http://secunia.com/advisories/18208
- http://securitytracker.com/id?1015403
- http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_httprint_Multiple_Vulnerabilities.pdf
- http://www.securityfocus.com/archive/1/420101/100/0/threaded
- http://www.securityfocus.com/bid/16031
- http://www.vupen.com/english/advisories/2005/3070
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23885